CVSS: 2.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38358 – Symlink bypasses filesystem sandbox in wasmer
https://notcve.org/view.php?id=CVE-2024-38358
Wasmer is a web assembly (wasm) Runtime supporting WASIX, WASI and Emscripten. If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both `oflags::creat` and `rights::fd_write`. Programs can also crash the runtime by creating a symlink pointing outside with `path_symlink` and `path_open`ing the link. This issue has been addressed in commit `b9483d022` which has been included in release version 4.3.2. Users are advised to upgrade. • https://github.com/wasmerio/wasmer/commit/b9483d022c602b994103f78ecfe46f017f8ac662 https://github.com/wasmerio/wasmer/security/advisories/GHSA-55f3-3qvg-8pv5 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 1CVE-2023-51661 – Filesystem sandbox not enforced in wasmer-cli
https://notcve.org/view.php?id=CVE-2023-51661
Wasmer is a WebAssembly runtime that enables containers to run anywhere: from Desktop to the Cloud, Edge and even the browser. Wasm programs can access the filesystem outside of the sandbox. Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem. This vulnerability has been patched in version 4.2.4. Wasmer es un runtime de WebAssembly que permite que los contenedores se ejecuten en cualquier lugar: desde el escritorio hasta la nube, Edge e incluso el navegador. • https://github.com/wasmerio/wasmer/commit/4d63febf9d8b257b0531963b85df48d45d0dbf3c https://github.com/wasmerio/wasmer/issues/4267 https://github.com/wasmerio/wasmer/security/advisories/GHSA-4mq4-7rw3-vm5j • CWE-284: Improper Access Control •